[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fBzUSXK3GE_DlATIHzQUYiTFVOQmNlsRTfk6eCsHA7mU":3,"$fTuHbpezfx5_6V3w6wKXQsbbffAluTdZ43cWYdAzlRWg":416,"$fxIVhUqUB8kJHKkN-ShwvVjAT_XUUy84Sd0gbaG-m2WM":420},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":11,"num_ratings":11,"last_updated":13,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27,"discovery_status":28,"vulnerabilities":29,"developer":30,"crawl_stats":26,"alternatives":35,"analysis":123,"fingerprints":385},"squish-site-patrol","Squish Site Patrol","1.5.0","squishit","https:\u002F\u002Fprofiles.wordpress.org\u002Fsquishit\u002F","\u003Cp>Squish Site Patrol gives your WordPress site a complete health check — security hardening, malware scanning, login protection, and page speed in a single clean dashboard.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Two-Factor Authentication (2FA)\u003C\u002Fstrong>\u003Cbr \u002F>\n* TOTP-based 2FA with QR code setup (Google Authenticator, Authy, etc.)\u003Cbr \u002F>\n* Custom branded interstitial login page — replaces the default wp-login.php flow\u003Cbr \u002F>\n* Per-user 2FA enrollment with recovery options\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Login Protection\u003C\u002Fstrong>\u003Cbr \u002F>\n* reCAPTCHA v3 on the login page (free tier, no checkbox required)\u003Cbr \u002F>\n* Geo IP country blocking — restrict logins by country via ipapi.co\u003Cbr \u002F>\n* Magic link login — send a one-time signed login link to your admin email (Patched)\u003Cbr \u002F>\n* Failed login attempt monitoring and alerts (Patched)\u003Cbr \u002F>\n* Detects predictable “admin” username\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Security Checks\u003C\u002Fstrong>\u003Cbr \u002F>\n* WordPress core version check\u003Cbr \u002F>\n* Plugin update status — flags outdated plugins\u003Cbr \u002F>\n* SSL \u002F HTTPS detection\u003Cbr \u002F>\n* File editor status check (wp-admin editor)\u003Cbr \u002F>\n* wp-config.php permissions check (Patched)\u003Cbr \u002F>\n* XML-RPC status check (Patched)\u003Cbr \u002F>\n* Debug mode detection (Patched)\u003Cbr \u002F>\n* Admin account audit — flags inactive admin accounts (Patched)\u003Cbr \u002F>\n* Database prefix check — flags default wp_ prefix (Patched)\u003Cbr \u002F>\n* Directory listing detection (Patched)\u003Cbr \u002F>\n* HTTP security headers check (Patched)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Malware Scanner\u003C\u002Fstrong>\u003Cbr \u002F>\n* Verifies all 3,000+ WordPress core files against official checksums\u003Cbr \u002F>\n* Detects PHP files hidden in your uploads folder\u003Cbr \u002F>\n* Scans for dangerous file types (.exe, .sh, .bat) in uploads\u003Cbr \u002F>\n* User enumeration vulnerability check\u003Cbr \u002F>\n* Flags any modified core files\u003Cbr \u002F>\n* Real-time file change monitoring with baseline comparison (Patched)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Email Breach Detection\u003C\u002Fstrong>\u003Cbr \u002F>\n* Checks admin email addresses against HaveIBeenPwned (Patched)\u003Cbr \u002F>\n* Alerts you if any admin account appears in a known breach\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Audit Log\u003C\u002Fstrong>\u003Cbr \u002F>\n* Tracks logins, failed login attempts, plugin installs, settings changes, and scans\u003Cbr \u002F>\n* 90-day retention with full event history\u003Cbr \u002F>\n* Filter by event type — login, scan, settings, plugin activity and more\u003Cbr \u002F>\n* Recent activity strip on the main dashboard\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Page Speed & Core Web Vitals\u003C\u002Fstrong>\u003Cbr \u002F>\n* Live Google PageSpeed Insights score\u003Cbr \u002F>\n* Core Web Vitals — LCP, FCP, and CLS\u003Cbr \u002F>\n* Mobile performance scoring\u003Cbr \u002F>\n* Scan any public URL\u003Cbr \u002F>\n* Inline metric explanations\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Reporting\u003C\u002Fstrong>\u003Cbr \u002F>\n* Weekly HTML email reports with a full scan summary (Patched)\u003Cbr \u002F>\n* Scheduled automatic daily scans (Patched)\u003Cbr \u002F>\n* Email alerts when issues are detected (Patched)\u003Cbr \u002F>\n* SSL certificate expiry alerts (Patched)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Dashboard & UX\u003C\u002Fstrong>\u003Cbr \u002F>\n* Clean two-panel layout — Security on the left, Scans & hardening on the right\u003Cbr \u002F>\n* Hardening tab consolidates all Patched checks in one place\u003Cbr \u002F>\n* Issues-only toggle on both panels — hide passing checks, focus on what needs fixing\u003Cbr \u002F>\n* Rescan button with toast notification (no page reload)\u003Cbr \u002F>\n* Dark mode toggle\u003Cbr \u002F>\n* Scan spinner and auto-scan status badge\u003Cbr \u002F>\n* Score cards hidden by default until first scan runs\u003Cbr \u002F>\n* Inline metric tooltips\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Performance\u003C\u002Fstrong>\u003Cbr \u002F>\n* Aggressive transient caching (12–24hr TTL) across all check classes\u003Cbr \u002F>\n* Zero front-end footprint — all scans run in wp-admin only\u003C\u002Fp>\n\u003Ch4>Squish Site Patrol Patched — $15\u002Fmo\u003C\u002Fh4>\n\u003Cp>Upgrade to Patched for automatic monitoring and advanced protection:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Scheduled automatic daily scans\u003C\u002Fli>\n\u003Cli>Weekly HTML email reports\u003C\u002Fli>\n\u003Cli>Email alerts when issues are found\u003C\u002Fli>\n\u003Cli>Magic link login — passwordless one-time login links\u003C\u002Fli>\n\u003Cli>Failed login attempt monitoring\u003C\u002Fli>\n\u003Cli>SSL certificate expiry alerts\u003C\u002Fli>\n\u003Cli>Real-time file change monitoring with baseline comparison\u003C\u002Fli>\n\u003Cli>Reset file monitoring baseline after legitimate updates\u003C\u002Fli>\n\u003Cli>wp-config.php permissions check\u003C\u002Fli>\n\u003Cli>XML-RPC status check\u003C\u002Fli>\n\u003Cli>Debug mode detection\u003C\u002Fli>\n\u003Cli>HTTP security headers check\u003C\u002Fli>\n\u003Cli>Admin account audit — flags inactive admin accounts\u003C\u002Fli>\n\u003Cli>Database prefix check — flags default wp_ prefix\u003C\u002Fli>\n\u003Cli>Directory listing detection\u003C\u002Fli>\n\u003Cli>Email breach check via HaveIBeenPwned\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Ch4>Google PageSpeed Insights API\u003C\u002Fh4>\n\u003Cp>Used to analyze page speed and Core Web Vitals for any URL entered by the user. Data sent: the URL being scanned. This call is only made when the user clicks “Run scan”.\u003Cbr \u002F>\n* Service: https:\u002F\u002Fdevelopers.google.com\u002Fspeed\u002Fdocs\u002Finsights\u002Fv5\u002Fabout\u003Cbr \u002F>\n* Privacy: https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003Cbr \u002F>\n* Terms: https:\u002F\u002Fdevelopers.google.com\u002Fterms\u003C\u002Fp>\n\u003Ch4>WordPress.org Checksums API\u003C\u002Fh4>\n\u003Cp>Used to verify the integrity of WordPress core files by comparing them against official checksums. No user data is sent — only the WordPress version number and locale.\u003Cbr \u002F>\n* Service: https:\u002F\u002Fapi.wordpress.org\u002Fcore\u002Fchecksums\u002F1.0\u002F\u003Cbr \u002F>\n* Privacy: https:\u002F\u002Fwordpress.org\u002Fabout\u002Fprivacy\u002F\u003C\u002Fp>\n\u003Ch4>ipapi.co\u003C\u002Fh4>\n\u003Cp>Used to determine the country of origin for login attempts when Geo IP country blocking is enabled. Data sent: the visitor’s IP address. This check only runs on the login page when the feature is active.\u003Cbr \u002F>\n* Service: https:\u002F\u002Fipapi.co\u003Cbr \u002F>\n* Privacy: https:\u002F\u002Fipapi.co\u002Fprivacy\u002F\u003C\u002Fp>\n\u003Ch4>HaveIBeenPwned API (Patched only)\u003C\u002Fh4>\n\u003Cp>Used to check if admin email addresses appear in known data breach databases. Requires a valid HIBP API key configured in settings.\u003Cbr \u002F>\n* Service: https:\u002F\u002Fhaveibeenpwned.com\u002FAPI\u002Fv3\u003Cbr \u002F>\n* Privacy: https:\u002F\u002Fhaveibeenpwned.com\u002FPrivacy\u003Cbr \u002F>\n* Terms: https:\u002F\u002Fhaveibeenpwned.com\u002FAPI\u002Fv3#license\u003C\u002Fp>\n\u003Ch4>Freemius\u003C\u002Fh4>\n\u003Cp>Used to manage the Patched premium subscription, licensing, and payments. Data sent upon upgrade: site URL, WordPress version, plugin version, and user email if the user opts in.\u003Cbr \u002F>\n* Service: https:\u002F\u002Ffreemius.com\u003Cbr \u002F>\n* Privacy: https:\u002F\u002Ffreemius.com\u002Fprivacy\u002F\u003Cbr \u002F>\n* Terms: https:\u002F\u002Ffreemius.com\u002Fterms\u002F\u003C\u002Fp>\n","Complete WordPress security, malware scanning, login protection, and performance monitoring in one clean dashboard.",0,193,"2026-04-12T19:12:00.000Z","6.9.4","6.0","8.0",[18,19,20,21,22],"login-protection","malware-scanner","security","two-factor-authentication","vulnerability-scanner","https:\u002F\u002Fsquish.co","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsquish-site-patrol.1.5.0.zip",100,null,"2026-04-16T10:56:18.058Z","no_bundle",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":31,"total_installs":11,"avg_security_score":25,"avg_patch_time_days":32,"trust_score":33,"computed_at":34},1,30,94,"2026-05-19T16:03:26.788Z",[36,59,77,96,110],{"slug":37,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":14,"requires_at_least":49,"requires_php":50,"tags":51,"homepage":54,"download_link":55,"security_score":56,"vuln_count":57,"unpatched_count":11,"last_vuln_date":58,"fetched_at":27},"wp-malware-removal","Malcure Malware Shield — Removal, Repair, Monitor","19.9.1","Malcure Web Security","https:\u002F\u002Fprofiles.wordpress.org\u002Fmalcure\u002F","\u003Cp>Is your website acting strangely? Seeing ‘Deceptive Site Ahead’ warnings, Japanese spam, SEO spam, or random redirects? Time to fix and monitor your site with \u003Cstrong>Malcure Malware Shield\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>Malcure Malware Shield: The Powerful Antivirus\u003C\u002Fh3>\n\u003Cp>Just as your computer requires antivirus, your website demands specialized \u003Cstrong>antivirus-grade protection\u003C\u002Fstrong>. Malcure Malware Shield delivers comprehensive, \u003Cstrong>antivirus-style\u003C\u002Fstrong> detection with advanced signatures to identify viruses, trojans, backdoors, adware, and ransomware. Unlike basic security plugins, it operates with the precision of an antivirus engine, scanning every layer of your site—from core files to the database—to ensure your website remains virus-free and secure.\u003C\u002Fp>\n\u003Ch3>Malware Removal, Hack Repair & SEO Spam Cleanup\u003C\u002Fh3>\n\u003Cp>Malware attacks are evolving. Standard scanners often miss hidden backdoors and database infections. If your current security plugin says “All Clear” but your site is still broken, you need \u003Cstrong>Malcure Malware Shield\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Malcure Malware Shield\u003C\u002Fstrong> is the intelligent, lightweight security solution. We believe security should be simple on the surface but deep under the hood. No complex settings. No bloat. Just activate and scan.\u003C\u002Fp>\n\u003Cp>Lightweight, API-driven scanning runs only on demand or on scheduled scans — no persistent background processes.\u003C\u002Fp>\n\u003Cp>Unlike scanners that delay new malware definitions for days, Malcure delivers real-time threat intelligence to every user so you’re protected against the latest threats as soon as they emerge.\u003C\u002Fp>\n\u003Ch3>What Our Users Say\u003C\u002Fh3>\n\u003Cp>Quotes are verbatim from WordPress.org support reviews, except for bracketed edits (for example, competitor names removed).\u003C\u002Fp>\n\u003Ch4>Best by far, better than [competitor name removed] and other giants\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>“You can see it is a bunch of geeks that created this, with skill and visual creativity at that. I spent hours trying to find a plugin like this. So many options and such bad results until now. Great job guys. You deserve it. Simple and effective. (Disclaimer to other potential readers: there are many types of hacks\u002Fmalware out there, every scenario is different, but start with the Malcure scan and see how it goes. 9\u002F10 you won’t be disappointed, my guess)” — \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fbest-by-far-better-than-wordfence-and-other-giants\u002F\" rel=\"ugc\">@dalingzaf\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>The ONLY plugin that scans files…\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>“I am a web developer and have tried many malware removal plugins, including popular ones [competitor names removed]. However, none of them detected some unusual files that were actually malware causing regular attacks. Some of these files were in JPG format.” — \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fthe-only-plugin-that-scans-files-in-real-time-2\u002F\" rel=\"ugc\">@devzeeshanx\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Best Malware Removal Plugin in just few minutes\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>“Most security plugins that are free only scan the code, but Malcure Malware Removal Plugin scans the wordpress database and the code files in few minutes. Accurately shows which Database table row is infected and it helps resolve the hacking attempt instantly. Saves a lot of time for the developers. Thank You Team Malcure” — \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fbest-malware-removal-plugin-in-just-few-minutes\u002F\" rel=\"ugc\">@s3630\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>It’s not just a “teaser”\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>“This plugin really found the malware, and removed it. Really for free. Thanks guys, I’m going to donate now!” — \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fits-not-just-a-teaser\u002F\" rel=\"ugc\">@halucska\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>Malware Removal & Hack Repair\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Checksum Verification:\u003C\u002Fstrong> We verify core, plugin, and theme file integrity against the official repository checksums served by our SaaS API endpoint.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Deep Scan:\u003C\u002Fstrong> If checksums fail, Malcure runs a full scan against malware detection signatures detecting estimated 50,000+ variants.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Inspect & Repair:\u003C\u002Fstrong> Inspect infected database records and files. Assists in cleaning compromised files and database entries.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SEO Spam Specialist:\u003C\u002Fstrong> Detects and removes the notorious “Japanese Keyword Hack” and pharma spam from your files and database, helping restore your Google rankings.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Virus Scanner & Threat Detection\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Database Scan:\u003C\u002Fstrong> Scans database tables for malicious injections and spam links.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File Scan:\u003C\u002Fstrong> Scans core files, themes, plugins, images, and uploads for backdoors and obfuscated code.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Vulnerability Detection:\u003C\u002Fstrong> Checks your core, plugins, and themes for known security flaws.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>DeepScan™ Technology:\u003C\u002Fstrong> Scans backups, archives, images, and hidden files where malware hides.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ultra-High Precision:\u003C\u002Fstrong> Uses intelligent checksum verification (comparing your files to official core\u002Fplugin\u002Ftheme checksums) to dramatically reduce false alarms compared to heuristic-only scanners.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Intelligent Health Monitor\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Always-On Guard:\u003C\u002Fstrong> Continuous monitoring via \u003Cstrong>Scheduled Scans\u003C\u002Fstrong> (daily\u002Fweekly\u002Fmonthly) configurable cadence.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Instant Alerts:\u003C\u002Fstrong> Every time a scheduled scan completes, you get an instant email report telling you if your site is clean or infected.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Event Log:\u003C\u002Fstrong> Track the events leading up to a malware incident for faster root-cause analysis.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Powered by Malcure API: Real-Time Threat Intelligence\u003C\u002Fh3>\n\u003Cp>Hackers don’t sleep, and neither do we. Malcure Malware Shield connects to our real-time API to fetch the latest threat definitions.\u003C\u002Fp>\n\u003Cp>This plugin relies on the Malcure API to provide real-time threat intelligence and checksum verification.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Data Transmission:\u003C\u002Fstrong> To perform scans, the plugin sends file checksums and your site’s domain to Malcure servers. No sensitive user data is transmitted.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms & Privacy:\u003C\u002Fstrong> Use of the API is subject to our \u003Ca href=\"https:\u002F\u002Fwww.malcure.com\u002F?p=1720&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Terms of Use\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=3&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zero-Day Alerts:\u003C\u002Fstrong> Our API serves new threat-intelligence in real-time, ensuring the site is scanned against the latest vulnerabilities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Checksums:\u003C\u002Fstrong> We verify your core files, themes, and plugins against the official repository checksums using our API, ensuring absolute integrity.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lightweight:\u003C\u002Fstrong> The scanner only uses minimum resources to keep your server fast and responsive.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Keep Malcure Malware Shield Installed?\u003C\u002Fh3>\n\u003Ch4>Reinfection Risk & Continuous Monitoring\u003C\u002Fh4>\n\u003Cp>Malware cleanup is not a one-and-done task. New vulnerabilities and reinfections can appear without warning, so continuous monitoring and scheduled scans help catch issues early—before SEO damage, blacklists, or downtime. You get email notification with the results to rest assured that the site is clean or when immediate action is required.\u003C\u002Fp>\n\u003Cp>Cleaning your site is just step one. Malcure is your anti-malware health monitor.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Continuous Monitoring:\u003C\u002Fstrong> Scheduled scans watch your site for changes so you don’t have to.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time Event Log:\u003C\u002Fstrong> See exactly what’s happening on your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Early Warning:\u003C\u002Fstrong> Catch new infections before Google blacklists you.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Recurrence Prevention:\u003C\u002Fstrong> Scheduled scans and integrity checks catch reinfections before they spread.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Bloat:\u003C\u002Fstrong> Designed to run on-demand or as per schedule without slowing down your site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Who This Plugin Is For\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Site owners\u003C\u002Fstrong> who want clear, actionable results (what was flagged and where).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Agencies & developers\u003C\u002Fstrong> who need fast triage across multiple sites.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce \u002F membership \u002F lead-gen sites\u003C\u002Fstrong> where downtime, SEO brand-reputation damage are expensive.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Anyone\u003C\u002Fstrong> who wants a scanner that cuts through the noise to focus on \u003Cem>signal\u003C\u002Fem>—real threats with practical remediation paths.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How It Works (Scan \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Review \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Clean \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Monitor)\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Scan\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Go to \u003Cstrong>Malcure Scanner\u003C\u002Fstrong> in your Admin Dashboard.\u003C\u002Fli>\n\u003Cli>Run a scan to check your files and database for vulnerabilities, malware, backdoors, suspicious code, and integrity issues.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Review\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Malcure reports findings with clear locations (file paths \u002F database records) so you can verify what changed and why it was flagged.\u003C\u002Fli>\n\u003Cli>Use the results to decide what should be repaired, deleted, or kept (for example, legitimate custom code).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Clean & Recover\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The free edition helps you identify issues, inspect data and understand what needs fixing.\u003C\u002Fli>\n\u003Cli>The Advanced Edition adds Whitelisting, Advanced Scan Filters, File Operations, WP CLI Automation, Deployment, Bulk Client-Servicing Features, Background Scan & Premium Support (Expertise).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Monitor\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Set up scheduled scans to keep your site continuously monitored.\u003C\u002Fli>\n\u003Cli>Get email alerts for new infections or integrity issues.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Is It Free?\u003C\u002Fh4>\n\u003Cp>We believe in 100% transparency.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Free Forever:\u003C\u002Fstrong> Professional-grade Detection (Knowledge). You see every infected file and database row (exact file path & line number), so you can clean it yourself for free.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Free Forever:\u003C\u002Fstrong> Real-time Threat Intelligence & Monitoring.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pro Upgrade:\u003C\u002Fstrong> Whitelisting, Advanced Scan Filters, File Operations, WP CLI Automation, Deployment, Bulk Client-Servicing Features, Background Scan & Premium Support (Expertise).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>You are never forced to pay to \u003Cem>find\u003C\u002Fem> a hack.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FEbSbxiTOc8k?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Core Features (Free Forever)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Deep Malware Scan:\u003C\u002Fstrong> Scans core files, themes, plugins, images, and your entire database for vulnerabilities, viruses, trojans, backdoors, and \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=60&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">malicious redirects\u003C\u002Fa>.\n\u003Cul>\n\u003Cli>\u003Cstrong>Files:\u003C\u002Fstrong> Scans core files, themes, plugins, images, and uploads for backdoors, shells including variants like C99, R57, RootShell, dolohan, Crystal Shell, Matamu, Cybershell, W4cking, Sniper, Predator, Jackal, Phantasma, GFS, Dive, Dx, obfuscated code and many more known and unknown variants.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Database:\u003C\u002Fstrong> Scans database tables for malicious injections, recurring malware and spam links.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SEO Spam Detection:\u003C\u002Fstrong> Specifically checks page titles and database records for “Japanese Keyword Hack”, “Pharma Hack” and other SEO spam symptoms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Vulnerability Scanner:\u003C\u002Fstrong> Checks your installed plugins and themes against our real-time database of known security vulnerabilities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Intelligent Checksum Verification:\u003C\u002Fstrong> Automatically verifies your core files, themes, and plugins against the official checksums. If a file has been tampered with, we know instantly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Uncompromising Detection:\u003C\u002Fstrong> Detects variants like C99, R57, RootShell, dolohan, Crystal Shell, Matamu, Cybershell, W4cking, Sniper, Predator, Jackal, Phantasma, GFS, Dive, Dx, obfuscated code and many more known and unknown variants.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Attack Surface Hardening & Firewall:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>Block Path Traversal:\u003C\u002Fstrong> Stops attackers from accessing sensitive system files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block PHP Uploads:\u003C\u002Fstrong> Prevents malicious scripts from being uploaded to your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Stop User Enumeration:\u003C\u002Fstrong> Blocks bots from fishing for your username.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>REST API Protection:\u003C\u002Fstrong> Prevents user data leakage via the WP REST API.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=1622&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Security Hardening\u003C\u002Fa>:\u003C\u002Fstrong> Learn more about securing your site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Recurrence Watchdog (Background Monitor):\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>Set it and forget it:\u003C\u002Fstrong> Malcure runs silently in the background using scheduled scans (configurable cadence) + integrity baseline to monitor changes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Stay Ahead:\u003C\u002Fstrong> Automatically catch new infections before they spread or damage your SEO rankings.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Incident Response Toolkit:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>Nuke User Sessions:\u003C\u002Fstrong> Instantly force-logout every user on the site to kick out intruders.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Salt Shuffler:\u003C\u002Fstrong> One-click rotation of \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5230&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">security keys (salts)\u003C\u002Fa> to invalidate all browser cookies.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Forensic Flight Recorder (Event Log):\u003C\u002Fstrong> Track every security event. Know exactly \u003Cem>when\u003C\u002Fem> and \u003Cem>how\u003C\u002Fem> a breach might have occurred with our 100-day event log.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google Search Console Integration:\u003C\u002Fstrong> Connect directly to Google to fetch security warnings and blacklist status in real-time.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time API Updates:\u003C\u002Fstrong> Connects to the Malcure Cloud to fetch the latest threats and vulnerabilities.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Upgrade to Advanced Edition\u003C\u002Fh4>\n\u003Cp>For mission-critical websites that demand comprehensive protection and recovery tools.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>1-Click Surgical Repair:\u003C\u002Fstrong> Inspect, Delete, or Repair infected files instantly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Whitelisting:\u003C\u002Fstrong> Stop false alarms. Supports files, folders, and \u003Cstrong>Database Records\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WP-CLI Integration:\u003C\u002Fstrong> Complete command-line control for automated scanning and reporting, including async scan start\u002Fstatus\u002Fcancel, definitions export\u002Fimport, forced definition sync, and full official checksum refresh.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Definition Updates:\u003C\u002Fstrong> Definitions update automatically in the background.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>On-Demand Background Scans:\u003C\u002Fstrong> Trigger deep scans immediately without keeping your browser open.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Scan Filters:\u003C\u002Fstrong> For when you are specifically looking for something in the files or database or want to include, exclude specific files & directories\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File Operations:\u003C\u002Fstrong> Critical file operations like deletion.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk Client-Servicing Features:\u003C\u002Fstrong> Like copying scan results to generate report for clients.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Background Scan:\u003C\u002Fstrong> For when you want to trigger a scan and forget it. The scan continues and emails you upon completion.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Premium Support (Expertise):\u003C\u002Fstrong> When you want to consult or want to exploit advanced features or need help troubleshooting.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>High-Priority Support:\u003C\u002Fstrong> Direct access to our security analysts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=116&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">\u003Cstrong>Get Malcure Advanced Edition\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Additional Resources for Malware Removal\u003C\u002Fh4>\n\u003Cp>Follow these expert guides to remove malware, recover lost traffic, and restore your online reputation:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=1540&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">A step by step guide to remove the malware\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=13946&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Japanese Keyword Hack: How to Remove SEO Spam\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5728&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">What is the Pharma Hack & How to fix it\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=14143&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">How to Fix Google Ads Disapproved for Malicious Software\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=14477&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">How to Prevent SQL Injection Attacks\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5265&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Live Malware Infection Removal & Analysis\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=7207&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">How to Fix “This Site May Harm Your Computer” Warning\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=60&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Comprehensive Guide to Removing JavaScript Redirect Malware\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5699&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">How to Fix a Blank WP-Admin Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=9102&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Malcure WP CLI Integration & Cheatsheet\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=14375&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">How to Prevent Brute Force Attacks\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5230&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">How to Change Salt Keys\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Expert Malware Removal Service\u003C\u002Fh4>\n\u003Cp>In over your head? Our security analysts are on standby. We offer a complete \u003Cstrong>Malware Removal Service\u003C\u002Fstrong> that includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>100% Removal Guarantee:\u003C\u002Fstrong> We guarantee to remove all malware from your website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Same Day Service:\u003C\u002Fstrong> Fast turnaround time to get your business back online.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Manual Inspection:\u003C\u002Fstrong> Our experts manually inspect critical files (htaccess, wp-config, index.php) and your database.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Blacklist Removal:\u003C\u002Fstrong> We handle the removal of your site from blacklists like Google, Norton, McAfee, etc.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security Hardening:\u003C\u002Fstrong> We identify the root cause and patch vulnerabilities to prevent future infections.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>15-Day Cover:\u003C\u002Fstrong> Security analysts available 24\u002F7\u002F365 to ensure your site stays clean.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=107&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">\u003Cstrong>Book Expert Malware Removal\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Troubleshooting\u003C\u002Fh3>\n\u003Ch4>Some files are detected by Malcure Malware Shield as “suspicious”. What gives?\u003C\u002Fh4>\n\u003Cp>Malcure’s DeepScan checks each file for malware. However some files aren’t pure malware but may contain code that is suspicious and could potentially do nasty things. You should carefully review and analyse them to see if they indeed do anything nasty.\u003C\u002Fp>\n\u003Ch4>I can’t get Malcure Malware Shield to work. It hangs \u002F doesn’t complete the scan \u002F breaks for some reason.\u003C\u002Fh4>\n\u003Cp>If you think that the plugin is broken, \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5677&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">please report it here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Malcure Malware Shield (or for that matter other plugins) may break on malware affected \u002F broken websites. \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=116&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Malcure Advanced Edition\u003C\u002Fa> integrates with WP CLI and allows you to complete the scan from WP CLI even when the site is blocked by the webhost or when you are unable to login to the website.\u003C\u002Fp>\n\u003Ch4>My site is infected however Malcure Malware Shield doesn’t detect the infection.\u003C\u002Fh4>\n\u003Cp>Malware keeps evolving. If you come across malware that Malcure Malware Shield is not able to identify, you may \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=157&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">please report it here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>The scan gets stuck midway. What should I do?\u003C\u002Fh4>\n\u003Cp>In case of such an event, please file a support request with us and we’ll be more than happy to troubleshoot the issue.\u003C\u002Fp>\n\u003Cp>Please visit \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5677&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">this page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>I cleaned my site but it got infected again. What should I do?\u003C\u002Fh4>\n\u003Cp>Malware cleanup is a waste of time and effort unless you find the root cause behind the malware infection and monitor for recurrence. How was someone able to infect your website? Have you plugged in that security hole?\u003C\u002Fp>\n\u003Cp>Please read \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002Fblog\u002Fsecurity\u002Fwhy-do-wordpress-websites-get-hacked\u002F?utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Why Do Websites Get Hacked\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Google Safe Browsing site status (or some other scanner) still shows my site as infected. What should I do?\u003C\u002Fh4>\n\u003Cp>First make sure you purge your site cache. Second, Google (and other scanners) cache the results for some time. You’ll need to force or refresh the scan. You can also file a request with us to \u003Ca href=\"https:\u002F\u002Fwww.malcure.com\u002F?p=107&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">get your site off any blacklists\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>I found a suspicious file, what now?\u003C\u002Fh4>\n\u003Cp>If Malcure flags it, it’s likely malicious. You can inspect the file content using our built-in inspector. If you’re unsure, consider our \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=107&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Expert Malware Removal Service\u003C\u002Fa>.\u003C\u002Fp>\n","Fast malware removal & security shield. Fix hacks, stop redirects, clean SEO spam. Real-time threat intelligence. No bloat.",10000,618632,90,70,"2026-04-08T00:01:00.000Z","3.7.4","5.6",[52,19,20,53,22],"antivirus","virus","https:\u002F\u002Fmalcure.com\u002F?p=116&utm_source=plugin-header&utm_medium=web&utm_campaign=wpmr","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-malware-removal.19.9.1.zip",96,3,"2025-09-03 00:00:00",{"slug":60,"name":61,"version":62,"author":63,"author_profile":64,"description":65,"short_description":66,"active_installs":67,"downloaded":68,"rating":11,"num_ratings":11,"last_updated":69,"tested_up_to":14,"requires_at_least":70,"requires_php":71,"tags":72,"homepage":75,"download_link":76,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"bearmor-security","Bearmor Security","0.9.16","bearmor","https:\u002F\u002Fprofiles.wordpress.org\u002Fandeirz\u002F","\u003Cp>\u003Cstrong>Finally, a WordPress security plugin that doesn’t slow down your site.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cp>Bearmor Security is built for \u003Cstrong>small to medium businesses, freelancers, and agencies\u003C\u002Fstrong> who need real protection without the bloat. No confusing dashboards, no technical jargon, no performance hit.\u003C\u002Fp>\n\u003Ch3>Why Bearmor?\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>🎯 Built for Non-Technical Users\u003C\u002Fstrong>\u003Cbr \u002F>\nYou shouldn’t need a security degree to protect your website. Bearmor gives you clear, actionable insights in plain English.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>⚡ Lightweight & Fast\u003C\u002Fstrong>\u003Cbr \u002F>\nUnlike bloated competitors, Bearmor won’t slow down your site. Clean code, efficient scans, zero impact on performance.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>💰 Most Features FREE\u003C\u002Fstrong>\u003Cbr \u002F>\nWhile others lock everything behind paywalls, Bearmor gives you professional-grade security for free. Compare us to Wordfence, Sucuri, or iThemes Security – we’re more generous.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>🛡️ Real Protection, Not Theater\u003C\u002Fstrong>\u003Cbr \u002F>\nWe focus on what actually matters: detecting threats, blocking attacks, and keeping you informed. No fake “critical alerts” to scare you into upgrading.\u003C\u002Fp>\n\u003Ch3>🆓 FREE Features (Yes, Really Free)\u003C\u002Fh3>\n\u003Ch3>Malware Scanner\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Deep file scanning\u003C\u002Fstrong> for backdoors, shells, and malicious code\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart detection\u003C\u002Fstrong> with pattern matching and heuristics\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Quarantine threats\u003C\u002Fstrong> with one click\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Whitelist false positives\u003C\u002Fstrong> to prevent future alerts\u003C\u002Fli>\n\u003Cli>Scans plugins, themes, uploads, and core files\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>File Integrity Monitoring\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Real-time tracking\u003C\u002Fstrong> of all file changes\u003C\u002Fli>\n\u003Cli>See exactly what changed, when, and where\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Quarantine suspicious changes\u003C\u002Fstrong> instantly\u003C\u002Fli>\n\u003Cli>Mark safe changes to keep your dashboard clean\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Login Security\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Brute force protection\u003C\u002Fstrong> with automatic IP blocking\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login activity log\u003C\u002Fstrong> – see every login attempt\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Anomaly detection\u003C\u002Fstrong> – alerts for suspicious login patterns\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Geographic tracking\u003C\u002Fstrong> – know where logins come from\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Two-Factor Authentication (2FA)\u003C\u002Fstrong> via email – completely free\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security Hardening\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>One-click hardening\u003C\u002Fstrong> for common vulnerabilities\u003C\u002Fli>\n\u003Cli>Disable XML-RPC, file editing, directory browsing\u003C\u002Fli>\n\u003Cli>Hide WordPress version and login errors\u003C\u002Fli>\n\u003Cli>Enforce strong passwords\u003C\u002Fli>\n\u003Cli>All with simple on\u002Foff toggles\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Activity Logging\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>Track all admin actions\u003C\u002Fli>\n\u003Cli>See who changed what and when\u003C\u002Fli>\n\u003Cli>Filter by user, action type, or date\u003C\u002Fli>\n\u003Cli>Essential for multi-user sites\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Security Dashboard\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>At-a-glance overview\u003C\u002Fstrong> of your security status\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security score\u003C\u002Fstrong> with clear letter grade (A-F)\u003C\u002Fli>\n\u003Cli>See threats, recent activity, and recommendations\u003C\u002Fli>\n\u003Cli>No clutter, just what matters\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🚀 PRO Features (Optional Upgrade)\u003C\u002Fh3>\n\u003Ch3>What’s FREE Forever\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Malware Scanner\u003C\u002Fstrong> – Full file scanning with quarantine\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File Monitoring\u003C\u002Fstrong> – Real-time change tracking\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login Security\u003C\u002Fstrong> – Brute force protection and blocking\u003C\u002Fli>\n\u003Cli>\u003Cstrong>2FA Authentication\u003C\u002Fstrong> – TOTP support built-in\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Quarantine Threats\u003C\u002Fstrong> – One-click isolation of malware\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security Hardening\u003C\u002Fstrong> – All hardening options included\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Upgrade to PRO\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>🔥 \u003Cstrong>Advanced Firewall\u003C\u002Fstrong> – Block attacks before they reach WordPress\u003C\u002Fli>\n\u003Cli>🤖 \u003Cstrong>AI Security Analysis\u003C\u002Fstrong> – ChatGPT explains threats in plain English\u003C\u002Fli>\n\u003Cli>📊 \u003Cstrong>Deep Vulnerability Scanner\u003C\u002Fstrong> – Database scanning and comprehensive CVE checks\u003C\u002Fli>\n\u003Cli>⏰ \u003Cstrong>24\u002F7 Uptime Monitoring\u003C\u002Fstrong> – External monitoring with instant email alerts\u003C\u002Fli>\n\u003Cli>🌍 \u003Cstrong>Geo-Blocking\u003C\u002Fstrong> – Block entire countries and IP ranges\u003C\u002Fli>\n\u003Cli>🎯 \u003Cstrong>Priority Support\u003C\u002Fstrong> – Email support with faster response times\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fbearmor.eu\u002Fpricing\" rel=\"nofollow ugc\">Learn more about PRO \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>🎯 Perfect For\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Small Business Owners\u003C\u002Fstrong> who need protection without complexity\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Freelancers\u003C\u002Fstrong> managing multiple client sites\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Agencies\u003C\u002Fstrong> who want reliable security without performance issues\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Anyone\u003C\u002Fstrong> tired of bloated, confusing security plugins\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🔒 Privacy & External Services\u003C\u002Fh3>\n\u003Cp>Bearmor Security connects to our secure API server (bearmor.eu) for:\u003Cbr \u002F>\n– \u003Cstrong>License verification\u003C\u002Fstrong> (PRO users only)\u003Cbr \u002F>\n– \u003Cstrong>Uptime monitoring\u003C\u002Fstrong> (PRO users only)\u003Cbr \u002F>\n– \u003Cstrong>AI analysis\u003C\u002Fstrong> (PRO users only)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Data sent to our servers:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Site URL\u003Cbr \u002F>\n– Admin email (for notifications)\u003Cbr \u002F>\n– Security scan results (PRO AI analysis only)\u003Cbr \u002F>\n– Site ID (anonymous identifier)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>We DO NOT:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Sell your data\u003Cbr \u002F>\n– Track your visitors\u003Cbr \u002F>\n– Store sensitive information\u003Cbr \u002F>\n– Share data with third parties\u003C\u002Fp>\n\u003Cp>For FREE users, only basic site registration data is sent (URL + email). No security data leaves your server.\u003C\u002Fp>\n\u003Cp>Read our full privacy policy: https:\u002F\u002Fbearmor.eu\u002Fprivacy\u003C\u002Fp>\n\u003Ch3>📊 Why Choose Bearmor?\u003C\u002Fh3>\n\u003Ch3>vs. Wordfence FREE\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>We include 2FA (they lock it behind PRO)\u003C\u002Fli>\n\u003Cli>We include quarantine (they lock it behind PRO)\u003C\u002Fli>\n\u003Cli>Lighter performance impact\u003C\u002Fli>\n\u003Cli>Simpler, cleaner interface\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>vs. Sucuri FREE\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>We include malware scanner (they lock it behind PRO)\u003C\u002Fli>\n\u003Cli>We include file monitoring (they lock it behind PRO)\u003C\u002Fli>\n\u003Cli>We include 2FA and quarantine\u003C\u002Fli>\n\u003Cli>More features in free version\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>vs. iThemes Security\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>More generous free tier\u003C\u002Fli>\n\u003Cli>Better malware detection\u003C\u002Fli>\n\u003Cli>Cleaner dashboard\u003C\u002Fli>\n\u003Cli>Faster scans\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🚀 Quick Start\u003C\u002Fh3>\n\u003Col>\n\u003Cli>Install and activate Bearmor Security\u003C\u002Fli>\n\u003Cli>Run your first malware scan (Dashboard \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Scan Now)\u003C\u002Fli>\n\u003Cli>Enable recommended hardening options (Dashboard \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Hardening)\u003C\u002Fli>\n\u003Cli>Set up 2FA for your account (Settings \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Two-Factor Auth)\u003C\u002Fli>\n\u003Cli>You’re protected! 🎉\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Cp>No configuration needed. Works out of the box.\u003C\u002Fp>\n\u003Ch3>💬 Support\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Documentation:\u003C\u002Fstrong> https:\u002F\u002Fbearmor.eu\u002Fdocs\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Support Forum:\u003C\u002Fstrong> https:\u002F\u002Fwordpress.org\u002Fsupport\u002Fplugin\u002Fbearmor-security\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Email:\u003C\u002Fstrong> security@bearmor.eu (PRO users get priority)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>🌟 What Users Say\u003C\u002Fh3>\n\u003Cp>\u003Cem>“Finally, a security plugin that doesn’t make me feel stupid. Everything just works.”\u003C\u002Fem> – Sarah M., Freelancer\u003C\u002Fp>\n\u003Cp>\u003Cem>“Switched from Wordfence. Bearmor is faster and the free version has more features.”\u003C\u002Fem> – Mike T., Agency Owner\u003C\u002Fp>\n\u003Cp>\u003Cem>“The AI analysis feature is a game-changer. It explains threats in plain English.”\u003C\u002Fem> – David R., Small Business Owner\u003C\u002Fp>\n\u003Ch3>Privacy Policy\u003C\u002Fh3>\n\u003Cp>Bearmor Security respects your privacy. Here’s exactly what data we collect and why:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>FREE Users:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Site URL (to identify your installation)\u003Cbr \u002F>\n– Admin email (for security notifications)\u003Cbr \u002F>\n– Plugin version (for update checks)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>PRO Users (in addition to above):\u003C\u002Fstrong>\u003Cbr \u002F>\n– Security scan results (for AI analysis)\u003Cbr \u002F>\n– Uptime monitoring data (ping responses)\u003Cbr \u002F>\n– Firewall block logs (for threat intelligence)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>We NEVER:\u003C\u002Fstrong>\u003Cbr \u002F>\n– Sell your data to third parties\u003Cbr \u002F>\n– Track your website visitors\u003Cbr \u002F>\n– Store passwords or sensitive user data\u003Cbr \u002F>\n– Share data without your explicit consent\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Data Storage:\u003C\u002Fstrong>\u003Cbr \u002F>\n– All data encrypted in transit (HTTPS)\u003Cbr \u002F>\n– Stored on secure servers in EU\u003Cbr \u002F>\n– Retained for 90 days, then automatically deleted\u003Cbr \u002F>\n– You can request data deletion anytime\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Third-Party Services:\u003C\u002Fstrong>\u003Cbr \u002F>\n– OpenAI (ChatGPT) for AI analysis (PRO only)\u003Cbr \u002F>\n– Our own servers for uptime monitoring (PRO only)\u003C\u002Fp>\n\u003Cp>Full privacy policy: https:\u002F\u002Fbearmor.eu\u002Fprivacy\u003Cbr \u002F>\nContact: security@bearmor.eu\u003C\u002Fp>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to external services in certain situations:\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Bearmor API (bearmor.eu)\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>When:\u003C\u002Fstrong> Plugin activation, license verification, PRO features\u003Cbr \u002F>\n– \u003Cstrong>Data sent:\u003C\u002Fstrong> Site URL, admin email, security scan results (PRO only)\u003Cbr \u002F>\n– \u003Cstrong>Purpose:\u003C\u002Fstrong> License management, AI analysis, uptime monitoring\u003Cbr \u002F>\n– \u003Cstrong>Privacy:\u003C\u002Fstrong> https:\u002F\u002Fbearmor.eu\u002Fprivacy\u003Cbr \u002F>\n– \u003Cstrong>Terms:\u003C\u002Fstrong> https:\u002F\u002Fbearmor.eu\u002Fterms\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WordPress.org API (api.wordpress.org)\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>When:\u003C\u002Fstrong> Checking WordPress core file integrity\u003Cbr \u002F>\n– \u003Cstrong>Data sent:\u003C\u002Fstrong> WordPress version number\u003Cbr \u002F>\n– \u003Cstrong>Purpose:\u003C\u002Fstrong> Verify core files haven’t been tampered with\u003Cbr \u002F>\n– \u003Cstrong>Privacy:\u003C\u002Fstrong> https:\u002F\u002Fwordpress.org\u002Fabout\u002Fprivacy\u002F\u003Cbr \u002F>\n– \u003Cstrong>Terms:\u003C\u002Fstrong> https:\u002F\u002Fwordpress.org\u002Fabout\u002F\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WPVulnerability.net API (wpvulnerability.net)\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>When:\u003C\u002Fstrong> Scanning for known plugin\u002Ftheme vulnerabilities\u003Cbr \u002F>\n– \u003Cstrong>Data sent:\u003C\u002Fstrong> Plugin and theme slugs (names only, no site data)\u003Cbr \u002F>\n– \u003Cstrong>Purpose:\u003C\u002Fstrong> Check for known security vulnerabilities\u003Cbr \u002F>\n– \u003Cstrong>Privacy:\u003C\u002Fstrong> https:\u002F\u002Fwww.wpvulnerability.net\u002Fprivacy-policy\u003Cbr \u002F>\n– \u003Cstrong>Terms:\u003C\u002Fstrong> https:\u002F\u002Fwww.wpvulnerability.net\u002Fterms-of-service\u003C\u002Fp>\n\u003Cp>\u003Cstrong>IP-API.com (ip-api.com)\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>When:\u003C\u002Fstrong> Firewall blocks an IP or login from restricted country\u003Cbr \u002F>\n– \u003Cstrong>Data sent:\u003C\u002Fstrong> IP address only\u003Cbr \u002F>\n– \u003Cstrong>Purpose:\u003C\u002Fstrong> Determine country of origin for geo-blocking\u003Cbr \u002F>\n– \u003Cstrong>Privacy:\u003C\u002Fstrong> https:\u002F\u002Fip-api.com\u002Fdocs\u002Flegal\u003Cbr \u002F>\n– \u003Cstrong>Terms:\u003C\u002Fstrong> Free tier for non-commercial use\u003C\u002Fp>\n\u003Cp>\u003Cstrong>OpenAI API (PRO only)\u003C\u002Fstrong>\u003Cbr \u002F>\n– \u003Cstrong>When:\u003C\u002Fstrong> AI security analysis is requested\u003Cbr \u002F>\n– \u003Cstrong>Data sent:\u003C\u002Fstrong> Anonymized security scan results\u003Cbr \u002F>\n– \u003Cstrong>Purpose:\u003C\u002Fstrong> Generate security recommendations\u003Cbr \u002F>\n– \u003Cstrong>Privacy:\u003C\u002Fstrong> https:\u002F\u002Fopenai.com\u002Fprivacy\u003Cbr \u002F>\n– \u003Cstrong>Note:\u003C\u002Fstrong> No personally identifiable information is sent\u003C\u002Fp>\n\u003Cp>All external connections use HTTPS encryption. FREE users connect for: initial registration, vulnerability checks, and geo-blocking. No security scan data leaves your server unless you upgrade to PRO.\u003C\u002Fp>\n","Lightweight, powerful WordPress security for small businesses. Malware scanning, login protection, 2FA, hardening - most features FREE.",60,955,"2026-02-28T15:35:00.000Z","5.8","7.4",[73,74,19,20,21],"firewall","login-security","https:\u002F\u002Fbearmor.eu","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fbearmor-security.0.9.16.zip",{"slug":78,"name":79,"version":80,"author":81,"author_profile":82,"description":83,"short_description":84,"active_installs":85,"downloaded":86,"rating":25,"num_ratings":31,"last_updated":87,"tested_up_to":14,"requires_at_least":88,"requires_php":89,"tags":90,"homepage":94,"download_link":95,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"guardian-gaze","Guardian Gaze Security – AI Based Malware Scanner, Firewall and Login Protection","2.2.7","RedSecLabs","https:\u002F\u002Fprofiles.wordpress.org\u002Fredseclabs\u002F","\u003Cp>Safeguard your WordPress website from evolving malware, brute force attacks, hidden backdoors, and zero-day vulnerabilities.\u003C\u002Fp>\n\u003Ch3>Guardian Gaze Security – Malware Scanner, AI Backdoor Detection & Login Protection\u003C\u002Fh3>\n\u003Cp>Guardian Gaze is a research-driven WordPress security plugin designed to help website owners, developers, and agencies protect their sites from malware infections, AI-detected backdoors, brute-force attacks, unauthorized file changes, and emerging WordPress vulnerabilities.\u003C\u002Fp>\n\u003Cp>Built by \u003Ca href=\"https:\u002F\u002Fwww.redseclabs.com\" rel=\"nofollow ugc\">RedSecLabs\u003C\u002Fa>, a cybersecurity firm specializing in threat research and detection engineering, Guardian Gaze focuses on:\u003Cbr \u002F>\n• Continuous WordPress security monitoring\u003Cbr \u002F>\n• AI\u002FLLM-assisted malware and backdoor detection\u003Cbr \u002F>\n• Login protection and brute force prevention\u003Cbr \u002F>\n• IP management and traffic filtering\u003Cbr \u002F>\n• WordPress security hardening\u003Cbr \u002F>\n• Clear visibility into your site’s security posture\u003Cbr \u002F>\nDetection logic is supported by ongoing threat intelligence updates, ensuring protection adapts to new and evolving attack techniques.\u003Cbr \u002F>\nGuardian Gaze delivers practical website security for WordPress without aggressive lockouts, excessive alerts, or heavy resource usage.\u003C\u002Fp>\n\u003Ch3>Key Features\u003C\u002Fh3>\n\u003Cp>\u003Cstrong>WordPress Malware Detection & \u003Ca href=\"https:\u002F\u002Fwww.guardiangaze.com\u002Fdocumentation\u002Fai-based-scanner\" rel=\"nofollow ugc\">AI-Based Backdoor Scan\u003C\u002Fa>\u003C\u002Fstrong>\u003Cbr \u002F>\nGuardian Gaze includes a built-in \u003Ca href=\"https:\u002F\u002Fwww.guardiangaze.com\u002Fdocumentation\u002Fmalware-scan\" rel=\"nofollow ugc\">WordPress malware scanner\u003C\u002Fa> that analyzes WordPress core files, plugins, and themes for suspicious or unauthorized changes.\u003Cbr \u002F>\n• Detects modified or infected files\u003Cbr \u002F>\n• Identifies malware injections, malicious code, and hidden backdoors\u003Cbr \u002F>\n• AI\u002FLLM-assisted backdoor scanning to detect suspicious code patterns\u003Cbr \u002F>\n• Highlights changes in WordPress core, plugin, or theme integrity\u003Cbr \u002F>\n• Designed for continuous monitoring — not one-time scans\u003Cbr \u002F>\n• Helps users review findings before taking action\u003Cbr \u002F>\nThis approach combines traditional detection techniques with AI-assisted analysis for improved backdoor detection and malware discovery in WordPress.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.guardiangaze.com\u002Fdocumentation\u002Fip-management\" rel=\"nofollow ugc\">IP Management & Traffic Filtering\u003C\u002Fa>\u003C\u002Fstrong>\u003Cbr \u002F>\nManage and reduce unwanted or abusive traffic.\u003Cbr \u002F>\n• Block or allow IP addresses manually\u003Cbr \u002F>\n• Automatically flag suspicious IP behavior\u003Cbr \u002F>\n• Reduce bot noise, vulnerability scanners, and automated attacks\u003Cbr \u002F>\nIdeal for sites experiencing repeated probing or targeted WordPress attacks.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.guardiangaze.com\u002Fdocumentation\" rel=\"nofollow ugc\">Central Security Dashboard\u003C\u002Fa>\u003C\u002Fstrong>\u003Cbr \u002F>\nView real-time WordPress security events and activity:\u003Cbr \u002F>\n• Latest malware scan results\u003Cbr \u002F>\n• Login attempts and security logs\u003Cbr \u002F>\n• Blocked and flagged IP addresses\u003Cbr \u002F>\n• Alerts, notifications, and system status\u003Cbr \u002F>\nBuilt for both beginners and developers managing multiple WordPress sites.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.guardiangaze.com\u002Fdocumentation\u002Fscheduled-scanning\" rel=\"nofollow ugc\">Scheduled Scanning\u003C\u002Fa>\u003C\u002Fstrong>\u003Cbr \u002F>\nAutomate malware scans and stay ahead of threats.\u003Cbr \u002F>\n• Weekly, daily, or hourly scan schedules\u003Cbr \u002F>\n• Configure scan recipients and frequency\u003Cbr \u002F>\n• Receive scan results via email\u003Cbr \u002F>\n• Monitor your site’s security regularly\u003C\u002Fp>\n\u003Cp>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fwww.guardiangaze.com\u002Fdocumentation\u002Ffile-integrity\" rel=\"nofollow ugc\">File Integrity Monitoring\u003C\u002Fa>\u003C\u002Fstrong>\u003Cbr \u002F>\nMonitor and alert on unauthorized file changes.\u003Cbr \u002F>\n• Detects modified or infected files\u003Cbr \u002F>\n• Highlights changes in WordPress core, plugin, or theme integrity\u003Cbr \u002F>\n• Helps users understand findings before taking action\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Continuous Threat Intelligence Updates\u003C\u002Fstrong>\u003Cbr \u002F>\nGuardian Gaze receives updated detection logic, indicators, and malware patterns through the Guardian Gaze Security Intelligence API.\u003Cbr \u002F>\nThese updates help:\u003Cbr \u002F>\n• Improve malware detection accuracy\u003Cbr \u002F>\n• Adapt to new WordPress security threats\u003Cbr \u002F>\n• Maintain performance and stability\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Privacy & Data Use\u003C\u002Fstrong>\u003Cbr \u002F>\nGuardian Gaze uses external services only for security functionality such as license validation, threat intelligence updates, optional reporting, and IP geolocation (if enabled).\u003Cbr \u002F>\n• No unnecessary data collection\u003Cbr \u002F>\n• No passwords or sensitive content transmitted\u003Cbr \u002F>\n• Secure WordPress-native API communication\u003Cbr \u002F>\n• Optional features can be disabled\u003Cbr \u002F>\n• Only security metadata required for functionality is processed\u003Cbr \u002F>\nGuardian Gaze follows a privacy-first design.\u003C\u002Fp>\n\u003Ch3>External Services Used\u003C\u002Fh3>\n\u003Cp>Guardian Gaze connects to the following services to provide security features and functionality:\u003C\u002Fp>\n\u003Ch4>1. Guardian Gaze API – wp-api.guardiangaze.com\u003C\u002Fh4>\n\u003Cp>Used for license validation, malware pattern updates, threat intelligence updates, and optional email reporting.\u003Cbr \u002F>\nData Sent:\u003Cbr \u002F>\n• Admin email\u003Cbr \u002F>\n• Site URL\u003Cbr \u002F>\n• API key\u003Cbr \u002F>\n• Plugin version and definitions version\u003Cbr \u002F>\n• IP addresses (for global blocking features)\u003Cbr \u002F>\n• Scan report data (if email reporting is enabled)\u003Cbr \u002F>\nTerms of Service: https:\u002F\u002Fwww.guardiangaze.com\u002Fterms-of-service\u002F\u003Cbr \u002F>\nPrivacy Policy: https:\u002F\u002Fwww.guardiangaze.com\u002Fprivacy-policy\u002F\u003C\u002Fp>\n\u003Ch4>2. Guardian Gaze API – www.guardiangaze.com\u003C\u002Fh4>\n\u003Cp>Used for plugin registration.\u003Cbr \u002F>\nData Sent:\u003Cbr \u002F>\n• Site URL\u003Cbr \u002F>\nTerms of Service: https:\u002F\u002Fwww.guardiangaze.com\u002Fterms-of-service\u002F\u003Cbr \u002F>\nPrivacy Policy: https:\u002F\u002Fwww.guardiangaze.com\u002Fprivacy-policy\u002F\u003C\u002Fp>\n\u003Ch4>3. WordPress.org API – api.wordpress.org\u003C\u002Fh4>\n\u003Cp>Used for WordPress core file integrity checks and version validation.\u003Cbr \u002F>\nData Sent:\u003Cbr \u002F>\n• WordPress version\u003Cbr \u002F>\n• Locale \u002F language\u003Cbr \u002F>\nTerms of Service: https:\u002F\u002Fwordpress.org\u002Fabout\u002Fprivacy\u002F\u003Cbr \u002F>\nPrivacy Policy: https:\u002F\u002Fwordpress.org\u002Fabout\u002Fprivacy\u002F\u003C\u002Fp>\n\u003Ch4>4. Guardian Gaze Country API – wp-api.guardiangaze.com\u002Fcountry.php\u003C\u002Fh4>\n\u003Cp>Used for IP address geolocation.\u003Cbr \u002F>\nData Sent:\u003Cbr \u002F>\n• Visitor IP address\u003Cbr \u002F>\nTerms of Service: https:\u002F\u002Fwww.guardiangaze.com\u002Fterms-of-service\u002F\u003Cbr \u002F>\nPrivacy Policy: https:\u002F\u002Fwww.guardiangaze.com\u002Fprivacy-policy\u002F\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Important Notes\u003C\u002Fstrong>\u003Cbr \u002F>\n• All API calls use WordPress wp_remote_get() and wp_remote_post()\u003Cbr \u002F>\n• Data is transferred over HTTPS whenever available\u003Cbr \u002F>\n• No user passwords or sensitive content is collected or transmitted\u003Cbr \u002F>\n• Geolocation lookups are cached to limit external requests\u003C\u002Fp>\n\u003Ch3>About RedSecLabs\u003C\u002Fh3>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fwww.redseclabs.com\" rel=\"nofollow ugc\">RedSecLabs\u003C\u002Fa> is a cybersecurity company focused on threat research, detection engineering, and building defensive tools for real-world scenarios.\u003Cbr \u002F>\nGuardian Gaze reflects this philosophy by offering a transparent, research-backed WordPress security plugin with AI-assisted backdoor detection, built for long-term reliability and practical protection.\u003C\u002Fp>\n","Safeguard your WordPress website from evolving malware, brute force attacks, hidden backdoors, and zero-day vulnerabilities.",10,1012,"2026-04-08T08:55:00.000Z","4.7","7.0",[91,92,18,93,20],"ai-malware-scanner","ip-management","malware","https:\u002F\u002Fwww.guardiangaze.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fguardian-gaze.2.2.7.zip",{"slug":97,"name":98,"version":99,"author":100,"author_profile":101,"description":102,"short_description":103,"active_installs":11,"downloaded":104,"rating":11,"num_ratings":11,"last_updated":105,"tested_up_to":14,"requires_at_least":15,"requires_php":16,"tags":106,"homepage":108,"download_link":109,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"atlant-security","Atlant Security","1.1.2","Atlant","https:\u002F\u002Fprofiles.wordpress.org\u002Fxorred\u002F","\u003Cp>\u003Cstrong>Atlant Security\u003C\u002Fstrong> is a comprehensive WordPress security plugin that provides enterprise-grade protection through 17 integrated security modules organized in a 5-layer defense architecture.\u003C\u002Fp>\n\u003Ch4>5-Layer Defense Architecture\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\u003Cstrong>Pre-WordPress WAF\u003C\u002Fstrong> — Firewall, rate limiter, and IP blocking run before WordPress processes the request.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Application-Aware\u003C\u002Fstrong> — Login security, custom login URL, two-factor authentication, session hardening, cron monitoring, and REST API policies.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Content & Config\u003C\u002Fstrong> — WordPress hardening, security headers, AI crawler management, and honeypot traps.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Outbound & Data\u003C\u002Fstrong> — SSRF prevention, malware scanning (files and database).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Response & Recovery\u003C\u002Fstrong> — Post-breach recovery, notifications, visitor log, and audit log.\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Key Features\u003C\u002Fh4>\n\u003Cp>\u003Cstrong>Web Application Firewall (WAF)\u003C\u002Fstrong>\u003Cbr \u002F>\nInspects every request against 28+ attack pattern families including SQL injection, XSS, remote code execution, path traversal, PHP object injection, and WordPress-specific attacks. Block or log-only mode. Triple URL decoding prevents evasion.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Brute Force Protection\u003C\u002Fstrong>\u003Cbr \u002F>\nProgressive lockout system (5 min > 30 min > 24 hours) with configurable thresholds. Generic login error messages prevent username enumeration. Author enumeration blocking.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Malware Scanner\u003C\u002Fstrong>\u003Cbr \u002F>\nLocal file and database scanner with 38 malware signatures. Detects backdoors, webshells (WSO, c99, r57), crypto miners, credit card skimmers, and obfuscated code. Quarantine system with web access blocking.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Two-Factor Authentication (2FA)\u003C\u002Fstrong>\u003Cbr \u002F>\nTOTP (Google Authenticator, Authy) and email OTP. Per-role enforcement, 10 recovery codes, 5-minute challenge timeout, replay attack prevention.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Honeypot Traps\u003C\u002Fstrong>\u003Cbr \u002F>\nZero-false-positive bot detection: hidden link traps, fake login pages, comment honeypots, and Contact Form 7 integration. 3-layer safe bot protection ensures Googlebot, Bingbot, and allowed AI crawlers are never blocked.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>AI Crawler Management\u003C\u002Fstrong>\u003Cbr \u002F>\nControl 20+ known AI\u002FLLM training crawlers (GPTBot, ClaudeBot, Google-Extended, Bytespider, and more). Per-crawler toggles, robots.txt integration, and 403 enforcement. Block training crawlers while allowing browsing bots.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Security Headers\u003C\u002Fstrong>\u003Cbr \u002F>\nManage HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, CSP, CORP, and COOP. Letter-grade scoring system. Remove X-Powered-By and Server headers.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Session Security\u003C\u002Fstrong>\u003Cbr \u002F>\nCookie hardening (HttpOnly, Secure, SameSite). Session binding via IP + User-Agent fingerprint detects hijacking. Concurrent session limits. Idle timeout. Optional admin bypass for all session restrictions.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Rate Limiter\u003C\u002Fstrong>\u003Cbr \u002F>\nSliding-window rate limiting across 11 endpoint categories: frontend, login, search, feed, REST API, WooCommerce checkout, XML-RPC, and cron.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>REST API Policies\u003C\u002Fstrong>\u003Cbr \u002F>\nPer-route access control with authentication requirements, HTTP method restrictions, rate limits, and IP whitelists. 5 built-in policies protect user enumeration, search, and write endpoints.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Cron Guard\u003C\u002Fstrong>\u003Cbr \u002F>\nMonitors wp-cron.php for flood attacks. Detects suspicious scheduled tasks via baseline comparison. System cron migration helper.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Outbound Monitor (SSRF Prevention)\u003C\u002Fstrong>\u003Cbr \u002F>\nMonitors all outgoing HTTP requests. Blocks requests to private\u002Finternal IP ranges including cloud metadata endpoints. Domain allowlist with wildcard support. Caller detection traces requests to specific plugins.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Post-Breach Recovery\u003C\u002Fstrong>\u003Cbr \u002F>\n12 emergency actions: terminate sessions, force password reset, rotate secret keys, emergency lockdown, reinstall core, reinstall plugins, audit admin accounts, clear caches, malware scan, disable plugins, and downloadable incident report.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Real-Time Dashboard\u003C\u002Fstrong>\u003Cbr \u002F>\nLive visitor monitoring with 15-second auto-refresh. Stat cards, traffic charts, top IPs with VirusTotal integration, browser distribution, and IP detail modals.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Visitor Log & Audit Log\u003C\u002Fstrong>\u003Cbr \u002F>\nComplete request history with filters (IP, URL, bots, blocked, time range). Tamper-resistant admin action audit trail.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Notifications\u003C\u002Fstrong>\u003Cbr \u002F>\nEmail alerts (HTML formatted, color-coded severity), Slack webhooks, custom JSON webhooks, and daily digest. Configurable severity threshold with 5-minute deduplication.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>WordPress Hardening\u003C\u002Fstrong>\u003Cbr \u002F>\nOne-click toggles: disable XML-RPC, hide WordPress version, block REST API user enumeration, block author enumeration, disable file editor, block PHP execution in uploads.\u003C\u002Fp>\n\u003Ch4>What Makes Atlant Security Different\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Pre-WordPress WAF\u003C\u002Fstrong> — Blocks attacks via auto_prepend_file before WordPress even loads\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Outbound HTTP Monitor\u003C\u002Fstrong> — Detects SSRF attacks and unauthorized outbound connections\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Database Backdoor Scanner\u003C\u002Fstrong> — Scans wp_options and wp_posts for eval(), base64, and hidden backdoors\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Client-Side Bot Detection\u003C\u002Fstrong> — JavaScript challenges and browser fingerprinting catch sophisticated bots\u003C\u002Fli>\n\u003Cli>\u003Cstrong>AI\u002FLLM Crawler Blocking\u003C\u002Fstrong> — Identify and block AI training crawlers scraping your content\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Honeypot Traps\u003C\u002Fstrong> — Hidden links, fake login pages, invisible form fields that only bots trigger\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cron Guard\u003C\u002Fstrong> — Monitors wp-cron for unauthorized scheduled tasks planted by malware\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Post-Breach Recovery\u003C\u002Fstrong> — Guided recovery toolkit with 12 emergency actions in one place\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Session Fingerprint Binding\u003C\u002Fstrong> — Binds sessions to IP + User-Agent so stolen cookies are useless\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time Visitor Dashboard\u003C\u002Fstrong> — Live visitor feed updated every 15 seconds\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Password Policy\u003C\u002Fstrong> — Minimum length, complexity, common-password blocking, and passphrase support\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Granular REST API Policies\u003C\u002Fstrong> — Per-endpoint control, not just a global on\u002Foff switch\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Safe Mode Override\u003C\u002Fstrong> — One constant in wp-config.php disables all blocking features instantly\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Deactivation Data Control\u003C\u002Fstrong> — Choose to keep or wipe all security data when deactivating\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zero phone-home\u003C\u002Fstrong> — No telemetry, no tracking, fully GDPR-compliant (external services used only when explicitly enabled by the admin — see External Services section)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Why Atlant Security?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>All-in-one\u003C\u002Fstrong> — Replaces 5-6 separate security plugins\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No external dependencies\u003C\u002Fstrong> — Core security features run locally on your server\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zero phone-home\u003C\u002Fstrong> — No telemetry, no tracking (optional features like GeoIP use external services only when explicitly enabled — see External Services section)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>GDPR-friendly\u003C\u002Fstrong> — No external fonts, no CDN resources\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Setup wizard\u003C\u002Fstrong> — Configure core security in under 2 minutes\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Clean uninstall\u003C\u002Fstrong> — Removes all database tables and options when deleted (opt-in)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Safe Mode\u003C\u002Fstrong> — Emergency override if you get locked out of your site\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin connects to the following third-party services under specific conditions:\u003C\u002Fp>\n\u003Ch4>Cloudflare IP Ranges\u003C\u002Fh4>\n\u003Cp>When Cloudflare integration is enabled, the plugin periodically fetches the current list of Cloudflare edge IP ranges from Cloudflare’s official endpoints. This is used to correctly identify visitor IP addresses behind the Cloudflare proxy and to whitelist Cloudflare edge servers.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Data sent: No user data is sent. The plugin fetches publicly available IP range lists.\u003C\u002Fli>\n\u003Cli>When: Once per week via a scheduled cron job (aswp_refresh_cloudflare_ips), only when Cloudflare integration is enabled.\u003C\u002Fli>\n\u003Cli>Endpoints: https:\u002F\u002Fwww.cloudflare.com\u002Fips-v4 and https:\u002F\u002Fwww.cloudflare.com\u002Fips-v6\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fterms\u002F\" rel=\"nofollow ugc\">Cloudflare Terms of Use\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.cloudflare.com\u002Fprivacypolicy\u002F\" rel=\"nofollow ugc\">Cloudflare Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>MaxMind GeoLite2 GeoIP Database\u003C\u002Fh4>\n\u003Cp>When GeoIP country detection is enabled and a MaxMind license key is configured, the plugin downloads the GeoLite2-Country database from MaxMind. This database is stored locally and used to resolve visitor IP addresses to country codes for display in the visitor log and dashboard.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Data sent: Your MaxMind license key is sent to authenticate the download request. No visitor data is sent to MaxMind.\u003C\u002Fli>\n\u003Cli>When: On initial setup and once per week via a scheduled cron job (aswp_update_geoip_db), only when GeoIP is enabled and a license key is configured.\u003C\u002Fli>\n\u003Cli>Endpoint: https:\u002F\u002Fdownload.maxmind.com\u002Fapp\u002Fgeoip_download\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.maxmind.com\u002Fen\u002Fgeolite2\u002Feula\" rel=\"nofollow ugc\">MaxMind End User License Agreement\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.maxmind.com\u002Fen\u002Fprivacy-policy\" rel=\"nofollow ugc\">MaxMind Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Google IP Ranges\u003C\u002Fh4>\n\u003Cp>When Google integration is enabled in the IP Whitelist, the plugin periodically fetches the current list of Google IP ranges from Google’s official endpoint. This is used to automatically whitelist known Google infrastructure IPs (Googlebot, Google Cloud, etc.) so legitimate Google traffic is never blocked.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Data sent: No user data is sent. The plugin fetches a publicly available JSON file containing Google IP ranges.\u003C\u002Fli>\n\u003Cli>When: Once per week via a scheduled cron job (aswp_refresh_google_ips), only when Google integration is enabled.\u003C\u002Fli>\n\u003Cli>Endpoint: https:\u002F\u002Fwww.gstatic.com\u002Fipranges\u002Fgoog.json\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpolicies.google.com\u002Fterms\" rel=\"nofollow ugc\">Google Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fpolicies.google.com\u002Fprivacy\" rel=\"nofollow ugc\">Google Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Microsoft \u002F Bing IP Ranges\u003C\u002Fh4>\n\u003Cp>When Microsoft integration is enabled in the IP Whitelist, the plugin periodically fetches the current list of Bing bot IP ranges from Microsoft’s official endpoint. This is used to automatically whitelist known Bing crawler IPs so legitimate Bing traffic is never blocked.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Data sent: No user data is sent. The plugin fetches a publicly available JSON file containing Bing bot IP ranges.\u003C\u002Fli>\n\u003Cli>When: Once per week via a scheduled cron job (aswp_refresh_microsoft_ips), only when Microsoft integration is enabled.\u003C\u002Fli>\n\u003Cli>Endpoint: https:\u002F\u002Fwww.bing.com\u002Ftoolbox\u002Fbingbot.json\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwww.microsoft.com\u002Fen-us\u002Fservicesagreement\u002F\" rel=\"nofollow ugc\">Microsoft Services Agreement\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fprivacy.microsoft.com\u002Fen-us\u002Fprivacystatement\" rel=\"nofollow ugc\">Microsoft Privacy Statement\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>WordPress.org Secret Key API\u003C\u002Fh4>\n\u003Cp>The Post-Breach Recovery module can generate new WordPress secret keys and salts using the official WordPress.org API. This is used when an administrator manually triggers the “Rotate Secret Keys” emergency action after a security breach.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Data sent: No user data is sent. The plugin fetches randomly generated keys from the API.\u003C\u002Fli>\n\u003Cli>When: Only when an administrator manually triggers the “Rotate Secret Keys” action in the Post-Breach Recovery module.\u003C\u002Fli>\n\u003Cli>Endpoint: https:\u002F\u002Fapi.wordpress.org\u002Fsecret-key\u002F1.1\u002Fsalt\u002F\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fabout\u002Fdomains\u002F\" rel=\"ugc\">WordPress.org Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fabout\u002Fprivacy\u002F\" rel=\"ugc\">WordPress.org Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Slack Webhooks\u003C\u002Fh4>\n\u003Cp>When Slack notifications are enabled and a Slack webhook URL is configured, the plugin sends security alert messages to the specified Slack channel. This allows administrators to receive real-time security notifications in Slack.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Data sent: Security alert messages containing the alert subject, description, severity level, site URL, and the IP address that triggered the alert. No visitor personal data or cookies are sent.\u003C\u002Fli>\n\u003Cli>When: Only when a security event occurs (e.g., brute force attempt, WAF block, honeypot trip) and Slack notifications are enabled.\u003C\u002Fli>\n\u003Cli>Endpoint: Administrator-configured Slack Incoming Webhook URL (e.g., https:\u002F\u002Fhooks.slack.com\u002Fservices\u002F…)\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fslack.com\u002Fterms-of-service\" rel=\"nofollow ugc\">Slack Terms of Service\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fslack.com\u002Fprivacy-policy\" rel=\"nofollow ugc\">Slack Privacy Policy\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Custom Webhooks\u003C\u002Fh4>\n\u003Cp>When webhook notifications are enabled and a webhook URL is configured, the plugin sends security alert payloads in JSON format to the specified endpoint. This allows integration with any external monitoring or alerting system.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Data sent: JSON payload containing the alert subject, description, severity level, site URL, timestamp, and the IP address that triggered the alert. No visitor personal data or cookies are sent.\u003C\u002Fli>\n\u003Cli>When: Only when a security event occurs and webhook notifications are enabled.\u003C\u002Fli>\n\u003Cli>Endpoint: Administrator-configured webhook URL.\u003C\u002Fli>\n\u003Cli>Terms and privacy: Determined by the third-party service the administrator configures.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Upgrade Notices\u003C\u002Fh3>\n\u003Ch4>1.1.2\u003C\u002Fh4>\n\u003Cp>New About page consolidates defense architecture and competitive features. Setup wizard no longer auto-redirects on activation. Dashboard is cleaner with focus on operational data.\u003C\u002Fp>\n\u003Ch4>1.0.7\u003C\u002Fh4>\n\u003Cp>Major UI overhaul: inner sidebar navigation replaces 23 WordPress submenu items with a clean, persistent sidebar panel. All page URLs remain the same — bookmarks still work.\u003C\u002Fp>\n\u003Ch4>1.0.4\u003C\u002Fh4>\n\u003Cp>Adds GeoIP country flags in visitor log, custom login URL, password policy enforcement, and Force SSL Admin setting. Internal prefix migration runs automatically — no action required.\u003C\u002Fp>\n\u003Ch4>1.0.3\u003C\u002Fh4>\n\u003Cp>Adds honeypot traps, security headers management, two-factor authentication, and notification channels. Fixes IP management and status code logging. Recommended update.\u003C\u002Fp>\n\u003Ch4>1.0.0\u003C\u002Fh4>\n\u003Cp>Initial release. Run the Setup Wizard after activation to configure your site’s security.\u003C\u002Fp>\n","Enterprise-grade WordPress security: WAF, brute force protection, malware scanner, 2FA, honeypots, AI crawler control, and post-breach recovery.",120,"2026-03-30T20:31:00.000Z",[107,73,19,20,21],"brute-force","https:\u002F\u002Fatlantsecurity.com\u002Flearn\u002Fwe-are-releasing-the-best-security-plugin-for-wordpress-in-existence\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fatlant-security.1.1.2.zip",{"slug":111,"name":112,"version":113,"author":114,"author_profile":115,"description":116,"short_description":117,"active_installs":11,"downloaded":118,"rating":11,"num_ratings":11,"last_updated":119,"tested_up_to":14,"requires_at_least":70,"requires_php":71,"tags":120,"homepage":121,"download_link":122,"security_score":25,"vuln_count":11,"unpatched_count":11,"last_vuln_date":26,"fetched_at":27},"freelancebo-sentra-control","FreelanceBo Sentra Control","2.4.0","FreelanceBo Group S.r.l.s","https:\u002F\u002Fprofiles.wordpress.org\u002Ffreelancebo\u002F","\u003Cp>FreelanceBo Sentra Control is a comprehensive WordPress security plugin that connects your site to the Sentra central console, providing enterprise-grade protection.\u003C\u002Fp>\n\u003Ch4>Features\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Web Application Firewall (WAF)\u003C\u002Fstrong> – Block malicious requests, SQL injection, XSS, and other common attacks\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Malware Scanner\u003C\u002Fstrong> – Scan WordPress core files, themes, and plugins for known malware signatures\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Vulnerability Scanner\u003C\u002Fstrong> – Check installed plugins and themes against known vulnerability databases\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Brute Force Protection\u003C\u002Fstrong> – Limit login attempts and block attackers automatically\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File Integrity Monitoring\u003C\u002Fstrong> – Detect unauthorized changes to WordPress core files\u003C\u002Fli>\n\u003Cli>\u003Cstrong>IP Blocklist\u003C\u002Fstrong> – Manage blocked IPs manually or automatically based on threat detection\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security Events Log\u003C\u002Fstrong> – Track all security events with detailed logging\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Central Console\u003C\u002Fstrong> – Manage multiple WordPress sites from a single dashboard\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How It Works\u003C\u002Fh4>\n\u003Col>\n\u003Cli>Install and activate the plugin on your WordPress site\u003C\u002Fli>\n\u003Cli>Connect to your Sentra central console by entering the server URL and API key in Settings\u003C\u002Fli>\n\u003Cli>The plugin automatically starts monitoring your site and reporting to the console\u003C\u002Fli>\n\u003Cli>View scan results, manage firewall rules, and review security events from either the WordPress admin panel or the central console\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Requirements\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>WordPress 5.8 or higher\u003C\u002Fli>\n\u003Cli>PHP 7.4 or higher\u003C\u002Fli>\n\u003Cli>A Sentra central console account (available at freelancebo.it)\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>External Services\u003C\u002Fh3>\n\u003Cp>This plugin relies on the following external services:\u003C\u002Fp>\n\u003Ch4>FreelanceBo Sentra Control Console\u003C\u002Fh4>\n\u003Cp>This plugin connects to a self-hosted FreelanceBo Sentra Control central console for centralized security monitoring and management. This connection is essential for the plugin to function.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is sent:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Site URL, WordPress version, PHP version, and installed plugins\u002Fthemes list (during heartbeat and scans)\u003Cbr \u002F>\n* Security events (firewall blocks, failed login attempts, malware detections, file integrity changes)\u003Cbr \u002F>\n* Scan results (malware scan, vulnerability scan, integrity scan findings)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>When data is sent:\u003C\u002Fstrong>\u003Cbr \u002F>\n* On plugin activation and periodically via heartbeat (every 5 minutes)\u003Cbr \u002F>\n* When security events occur (login attempts, firewall blocks)\u003Cbr \u002F>\n* When scans are triggered (manually or via scheduled cron)\u003Cbr \u002F>\n* When the admin manages firewall rules, blocklists, or settings\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service provider:\u003C\u002Fstrong> FreelanceBo Group S.r.l.s., Bologna, Italy\u003Cbr \u002F>\n* Service URL: \u003Ca href=\"https:\u002F\u002Fsentra.freelancebo.it\" rel=\"nofollow ugc\">https:\u002F\u002Fsentra.freelancebo.it\u003C\u002Fa>\u003Cbr \u002F>\n* Terms of Service: \u003Ca href=\"https:\u002F\u002Fsentra.freelancebo.it\u002Fterms\" rel=\"nofollow ugc\">https:\u002F\u002Fsentra.freelancebo.it\u002Fterms\u003C\u002Fa>\u003Cbr \u002F>\n* Privacy Policy: \u003Ca href=\"https:\u002F\u002Fsentra.freelancebo.it\u002Fprivacy\" rel=\"nofollow ugc\">https:\u002F\u002Fsentra.freelancebo.it\u002Fprivacy\u003C\u002Fa>\u003C\u002Fp>\n\u003Cp>The console server URL is configurable by the user in the plugin settings. All data is transmitted over HTTPS. Data is stored on EU-based servers in compliance with GDPR.\u003C\u002Fp>\n\u003Ch4>WordPress.org API\u003C\u002Fh4>\n\u003Cp>The vulnerability scanner module uses the official WordPress.org API to retrieve information about installed plugins, themes, and WordPress core version. This is necessary to check for known vulnerabilities and outdated software.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>What data is sent:\u003C\u002Fstrong>\u003Cbr \u002F>\n* Plugin slugs, theme slugs, and WordPress core version\u003C\u002Fp>\n\u003Cp>\u003Cstrong>When data is sent:\u003C\u002Fstrong>\u003Cbr \u002F>\n* When a vulnerability scan is triggered (manually or via scheduled cron)\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Service provider:\u003C\u002Fstrong> WordPress.org\u003Cbr \u002F>\n* API endpoint: \u003Ca href=\"https:\u002F\u002Fapi.wordpress.org\" rel=\"nofollow ugc\">https:\u002F\u002Fapi.wordpress.org\u003C\u002Fa>\u003Cbr \u002F>\n* Terms of Service: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fabout\u002Fprivacy\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fabout\u002Fprivacy\u002F\u003C\u002Fa>\u003Cbr \u002F>\n* Privacy Policy: \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fabout\u002Fprivacy\u002F\" rel=\"ugc\">https:\u002F\u002Fwordpress.org\u002Fabout\u002Fprivacy\u002F\u003C\u002Fa>\u003C\u002Fp>\n","Security agent connecting to FreelanceBo Sentra Control console for WAF, malware scanning, brute force protection, and vulnerability scanning.",372,"2026-03-22T19:55:00.000Z",[107,73,19,20,22],"https:\u002F\u002Ffreelancebo.it","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Ffreelancebo-sentra-control.2.4.0.zip",{"attackSurface":124,"codeSignals":279,"taintFlows":319,"riskAssessment":379,"analyzedAt":384},{"hooks":125,"ajaxHandlers":256,"restRoutes":275,"shortcodes":276,"cronEvents":277,"entryPointCount":278,"unprotectedCount":11},[126,132,136,140,145,149,150,155,159,164,169,172,176,178,182,186,189,193,197,201,205,209,213,217,221,225,229,233,237,241,245,249,252,254],{"type":127,"name":128,"callback":129,"priority":85,"file":130,"line":131},"action","wp_login","intercept_login","includes\u002Fclass-patchwork-2fa.php",15,{"type":127,"name":133,"callback":134,"file":130,"line":135},"init","handle_2fa_page",16,{"type":127,"name":137,"callback":138,"file":130,"line":139},"admin_enqueue_scripts","enqueue_assets",20,{"type":127,"name":141,"callback":142,"file":143,"line":144},"admin_menu","register_menu","includes\u002Fclass-patchwork-admin.php",8,{"type":127,"name":146,"callback":147,"file":143,"line":148},"admin_init","register_settings",9,{"type":127,"name":137,"callback":138,"file":143,"line":85},{"type":127,"name":151,"callback":152,"file":153,"line":154},"login_enqueue_scripts","enqueue_scripts","includes\u002Fclass-patchwork-captcha.php",24,{"type":127,"name":156,"callback":157,"file":153,"line":158},"login_form","add_captcha_field",25,{"type":160,"name":161,"callback":162,"priority":139,"file":153,"line":163},"filter","authenticate","verify_captcha",26,{"type":160,"name":165,"callback":166,"file":167,"line":168},"wp_mail_content_type","closure","includes\u002Fclass-patchwork-cron.php",222,{"type":160,"name":161,"callback":170,"priority":158,"file":171,"line":154},"block_by_country","includes\u002Fclass-patchwork-geoip.php",{"type":127,"name":133,"callback":173,"file":174,"line":175},"maybe_consume_token","includes\u002Fclass-patchwork-magic-link.php",32,{"type":127,"name":137,"callback":138,"file":174,"line":177},35,{"type":127,"name":179,"callback":180,"file":181,"line":177},"plugins_loaded","maybe_create_table","includes\u002Fclass-ssp-audit-log.php",{"type":127,"name":183,"callback":184,"file":181,"line":185},"wp_loaded","schedule_purge",41,{"type":127,"name":128,"callback":187,"priority":85,"file":181,"line":188},"on_login",135,{"type":127,"name":190,"callback":191,"priority":85,"file":181,"line":192},"wp_login_failed","on_login_failed",136,{"type":127,"name":194,"callback":195,"file":181,"line":196},"wp_logout","on_logout",137,{"type":127,"name":198,"callback":199,"priority":85,"file":181,"line":200},"activated_plugin","on_plugin_activated",140,{"type":127,"name":202,"callback":203,"priority":85,"file":181,"line":204},"deactivated_plugin","on_plugin_deactivated",141,{"type":127,"name":206,"callback":207,"priority":85,"file":181,"line":208},"upgrader_process_complete","on_upgrader_complete",142,{"type":127,"name":210,"callback":211,"priority":85,"file":181,"line":212},"delete_plugin","on_plugin_deleted",143,{"type":127,"name":214,"callback":215,"priority":85,"file":181,"line":216},"updated_option","on_option_updated",146,{"type":127,"name":218,"callback":219,"priority":85,"file":181,"line":220},"added_option","on_option_added",147,{"type":127,"name":222,"callback":223,"file":181,"line":224},"ssp_scan_run","on_scan_run",150,{"type":127,"name":226,"callback":227,"file":181,"line":228},"ssp_baseline_reset","on_baseline_reset",151,{"type":127,"name":230,"callback":231,"priority":85,"file":181,"line":232},"ssp_2fa_enrolled","on_2fa_enrolled",152,{"type":127,"name":234,"callback":235,"priority":85,"file":181,"line":236},"ssp_2fa_disabled","on_2fa_disabled",153,{"type":127,"name":238,"callback":239,"priority":85,"file":181,"line":240},"ssp_magic_link_sent","on_magic_link_sent",154,{"type":127,"name":242,"callback":243,"priority":85,"file":181,"line":244},"ssp_magic_link_login","on_magic_link_login",155,{"type":127,"name":246,"callback":247,"priority":85,"file":181,"line":248},"ssp_geo_block","on_geo_block",156,{"type":127,"name":190,"callback":166,"file":250,"line":251},"patchwork.php",33,{"type":160,"name":161,"callback":166,"priority":32,"file":250,"line":253},50,{"type":127,"name":128,"callback":166,"priority":85,"file":250,"line":255},65,[257,263,267,271],{"action":258,"nopriv":259,"callback":260,"hasNonce":261,"hasCapCheck":261,"file":130,"line":262},"patchwork_setup_2fa",false,"ajax_setup_2fa",true,17,{"action":264,"nopriv":259,"callback":265,"hasNonce":261,"hasCapCheck":261,"file":130,"line":266},"patchwork_verify_setup","ajax_verify_setup",18,{"action":268,"nopriv":259,"callback":269,"hasNonce":261,"hasCapCheck":261,"file":130,"line":270},"patchwork_disable_2fa","ajax_disable_2fa",19,{"action":272,"nopriv":259,"callback":273,"hasNonce":261,"hasCapCheck":261,"file":174,"line":274},"patchwork_send_magic_link","ajax_send_link",29,[],[],[],4,{"dangerousFunctions":280,"sqlUsage":281,"outputEscaping":283,"fileOperations":11,"externalRequests":316,"nonceChecks":144,"capabilityChecks":317,"bundledLibraries":318},[],{"prepared":270,"raw":11,"locations":282},[],{"escaped":284,"rawEcho":131,"locations":285},218,[286,289,291,293,295,297,299,301,303,305,307,309,311,313,315],{"file":287,"line":168,"context":288},"admin\u002Fviews\u002Fdashboard.php","raw output",{"file":287,"line":290,"context":288},229,{"file":287,"line":292,"context":288},239,{"file":287,"line":294,"context":288},276,{"file":287,"line":296,"context":288},303,{"file":287,"line":298,"context":288},312,{"file":287,"line":300,"context":288},331,{"file":287,"line":302,"context":288},353,{"file":287,"line":304,"context":288},367,{"file":287,"line":306,"context":288},389,{"file":287,"line":308,"context":288},401,{"file":287,"line":310,"context":288},434,{"file":181,"line":312,"context":288},438,{"file":181,"line":314,"context":288},515,{"file":181,"line":314,"context":288},14,7,[],[320,343,360,371],{"entryPoint":321,"graph":322,"unsanitizedCount":57,"severity":342},"handle_2fa_page (includes\u002Fclass-patchwork-2fa.php:36)",{"nodes":323,"edges":339},[324,329,333],{"id":325,"type":326,"label":327,"file":130,"line":328},"n0","source","$_POST (x3)",53,{"id":330,"type":331,"label":332,"file":130,"line":328},"n1","transform","→ render_2fa_page()",{"id":334,"type":335,"label":336,"file":130,"line":337,"wp_function":338},"n2","sink","echo() [XSS]",122,"echo",[340,341],{"from":325,"to":330,"sanitized":259},{"from":330,"to":334,"sanitized":259},"medium",{"entryPoint":344,"graph":345,"unsanitizedCount":57,"severity":342},"\u003Cclass-patchwork-2fa> (includes\u002Fclass-patchwork-2fa.php:0)",{"nodes":346,"edges":356},[347,350,351,352,354],{"id":325,"type":326,"label":348,"file":130,"line":349},"$_POST",42,{"id":330,"type":335,"label":336,"file":130,"line":337,"wp_function":338},{"id":334,"type":326,"label":327,"file":130,"line":328},{"id":353,"type":331,"label":332,"file":130,"line":328},"n3",{"id":355,"type":335,"label":336,"file":130,"line":337,"wp_function":338},"n4",[357,358,359],{"from":325,"to":330,"sanitized":261},{"from":334,"to":353,"sanitized":259},{"from":353,"to":355,"sanitized":259},{"entryPoint":361,"graph":362,"unsanitizedCount":11,"severity":370},"render_tab (includes\u002Fclass-ssp-audit-log.php:393)",{"nodes":363,"edges":368},[364,367],{"id":325,"type":326,"label":365,"file":181,"line":366},"$_GET",398,{"id":330,"type":335,"label":336,"file":181,"line":314,"wp_function":338},[369],{"from":325,"to":330,"sanitized":261},"low",{"entryPoint":372,"graph":373,"unsanitizedCount":11,"severity":370},"\u003Cclass-ssp-audit-log> (includes\u002Fclass-ssp-audit-log.php:0)",{"nodes":374,"edges":377},[375,376],{"id":325,"type":326,"label":365,"file":181,"line":366},{"id":330,"type":335,"label":336,"file":181,"line":314,"wp_function":338},[378],{"from":325,"to":330,"sanitized":261},{"summary":380,"deductions":381},"The squish-site-patrol plugin version 1.5.0 exhibits a generally good security posture, with several key strengths evident in the static analysis. The absence of raw SQL queries, with 100% utilizing prepared statements, significantly mitigates SQL injection risks. Furthermore, the high percentage of properly escaped output (94%) and the presence of nonces and capability checks on its AJAX handlers indicate a solid defense against common cross-site scripting and cross-site request forgery attacks. The plugin also has no recorded vulnerability history, which is a positive indicator of its past security.\n\nHowever, there are areas that warrant attention. The presence of two taint flows with unsanitized paths, while not classified as critical or high severity in this analysis, represents a potential risk. Although the attack surface is relatively small with only 4 AJAX handlers, and all appear to have authentication checks, the existence of these unsanitized paths suggests a potential for unexpected behavior or unintended data handling if these flows are exploited. The plugin's reliance on external HTTP requests, though not inherently a vulnerability, increases its dependency on external factors and could be an indirect attack vector if the external services are compromised or manipulated.\n\nIn conclusion, squish-site-patrol v1.5.0 is performing well in terms of fundamental security practices like SQL sanitization and output escaping. The primary concern lies with the two identified unsanitized taint flows, which require further investigation to ensure no exploitable weaknesses exist. The overall low risk profile is encouraging, but vigilance regarding the taint analysis findings is recommended.",[382],{"reason":383,"points":317},"Taint flows with unsanitized paths found","2026-04-16T14:34:29.008Z",{"wat":386,"direct":399},{"assetPaths":387,"generatorPatterns":392,"scriptPaths":393,"versionParams":394},[388,389,390,391],"\u002Fwp-content\u002Fplugins\u002Fsquish-site-patrol\u002Fassets\u002Fcss\u002Fpatchwork-admin.css","\u002Fwp-content\u002Fplugins\u002Fsquish-site-patrol\u002Fassets\u002Fjs\u002Fpatchwork-admin.js","\u002Fwp-content\u002Fplugins\u002Fsquish-site-patrol\u002Fassets\u002Fcss\u002Fpatchwork-2fa.css","\u002Fwp-content\u002Fplugins\u002Fsquish-site-patrol\u002Fassets\u002Fjs\u002Fpatchwork-2fa.js",[],[389,391],[395,396,397,398],"squish-site-patrol\u002Fassets\u002Fcss\u002Fpatchwork-admin.css?ver=","squish-site-patrol\u002Fassets\u002Fjs\u002Fpatchwork-admin.js?ver=","squish-site-patrol\u002Fassets\u002Fcss\u002Fpatchwork-2fa.css?ver=","squish-site-patrol\u002Fassets\u002Fjs\u002Fpatchwork-2fa.js?ver=",{"cssClasses":400,"htmlComments":408,"htmlAttributes":409,"restEndpoints":412,"jsGlobals":413,"shortcodeOutput":415},[401,402,403,404,405,406,407],"pw-2fa-box","pw-2fa-logo","pw-2fa-title","pw-2fa-sub","pw-2fa-error","pw-2fa-input","pw-2fa-button",[],[410,411],"data-user-id","data-token",[],[414],"patchwork_2fa_settings",[],{"error":261,"url":417,"statusCode":418,"statusMessage":419,"message":419},"http:\u002F\u002Flocalhost\u002Fapi\u002Fplugins\u002Fsquish-site-patrol\u002Fbundle",404,"no bundle for this plugin yet",{"slug":4,"current_version":6,"total_versions":421,"versions":422},5,[423,428,435,442,449],{"version":6,"download_url":24,"svn_tag_url":424,"released_at":26,"has_diff":259,"diff_files_changed":425,"diff_lines":26,"trac_diff_url":426,"vulnerabilities":427,"is_current":261},"https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsquish-site-patrol\u002Ftags\u002F1.5.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsquish-site-patrol%2Ftags%2F1.4.0&new_path=%2Fsquish-site-patrol%2Ftags%2F1.5.0",[],{"version":429,"download_url":430,"svn_tag_url":431,"released_at":26,"has_diff":259,"diff_files_changed":432,"diff_lines":26,"trac_diff_url":433,"vulnerabilities":434,"is_current":259},"1.4.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsquish-site-patrol.1.4.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsquish-site-patrol\u002Ftags\u002F1.4.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsquish-site-patrol%2Ftags%2F1.3.0&new_path=%2Fsquish-site-patrol%2Ftags%2F1.4.0",[],{"version":436,"download_url":437,"svn_tag_url":438,"released_at":26,"has_diff":259,"diff_files_changed":439,"diff_lines":26,"trac_diff_url":440,"vulnerabilities":441,"is_current":259},"1.3.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsquish-site-patrol.1.3.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsquish-site-patrol\u002Ftags\u002F1.3.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsquish-site-patrol%2Ftags%2F1.1.0&new_path=%2Fsquish-site-patrol%2Ftags%2F1.3.0",[],{"version":443,"download_url":444,"svn_tag_url":445,"released_at":26,"has_diff":259,"diff_files_changed":446,"diff_lines":26,"trac_diff_url":447,"vulnerabilities":448,"is_current":259},"1.1.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsquish-site-patrol.1.1.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsquish-site-patrol\u002Ftags\u002F1.1.0\u002F",[],"https:\u002F\u002Fplugins.trac.wordpress.org\u002Fchangeset?old_path=%2Fsquish-site-patrol%2Ftags%2F1.0.0&new_path=%2Fsquish-site-patrol%2Ftags%2F1.1.0",[],{"version":450,"download_url":451,"svn_tag_url":452,"released_at":26,"has_diff":259,"diff_files_changed":453,"diff_lines":26,"trac_diff_url":26,"vulnerabilities":454,"is_current":259},"1.0.0","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fsquish-site-patrol.1.0.0.zip","https:\u002F\u002Fplugins.svn.wordpress.org\u002Fsquish-site-patrol\u002Ftags\u002F1.0.0\u002F",[],[]]